While ‘hacktivists’ across the world are attacking websites of governments and agencies inimical to WikiLeaks boss Julian Assange—arrested on rape charges they believe are trumped up—another cyberspace war, albeit subcontinental, is also being fought out. On one side is the Indian Cyber Army (ICA), an anonymous group of hackers who say they are worried about India’s security. On the other is Predators PK, of Pakistan. On December 3, members of the Pakistani group hacked into more than 250 Indian websites, leaving pages created by them as triumphal flags. They say this is in retaliation for ICA’s attacks on Pakistani sites, including 30 Pakistani government sites. The prize catch: the website of the Pakistani navy.
What Predators PK must be counting among its biggest retaliatory scores is the hacking of the Central Bureau of Investigation (CBI) website. The group has also broken into the websites of Indian educational institutions, NGOs, companies and religious groups. Some targeted sites are inaccessible at the time of writing; some, though functional, continue to display pages planted by the Pakistani group.
Though the stereotype is of hackers being solitary anarchists or mischief-mongers, they do sometimes coalesce into groups, including purportedly nationalistic ones. There even are those who call themselves “ethical hackers”. But at heart hackers, at least of the non-criminal kind, are show-offs: they like to progress to websites that are better and better secured, each time leaving a marker. “Hacking is like a bad habit. It’s hard to give up,” says an ethical hacker from Bangalore. “The psychology of all hackers is the same. The urge to leave an imprint makes them choose websites of investigative agencies and governments.”
Unlike the ICA attack, which the group claimed was “revenge for 26/11”, the Pakistani group did not suggest anything other than retaliation. The principal message from Predators PK, in the name of a hacker known as HEX786: “This is just a warning to all script kiddies and Indian hackers. Stop being snobs and defacing Pakistani websites. Your security was good but we like breaking it.”
Experts say there’s no foolproof way of securing systems. The only answer is constant upgradation of security devices. “There are grey areas. It’s also true there’s no way a system can be completely insulated,” says Pavan Duggal, a cyber expert. “Sometimes, even experts fail to recognise that a website or a computer has been hacked.”
Of the attack on the CBI website, B.R. Lall, a former joint director of the agency, says, “Such incidents have taken place in the past. Hate messages were left on the system. It’s a side-effect of growing technology. We have to counter it with better technology.”
One popular hacking technology is Remote Access Tools (RATs). Using rats, a hacker can place malware on the target computer or pull out anything from it. Highly evolved viruses are also being used. In such wars, the results can be catastrophic: hackers can harm critical infrastructure like power plants, aviation control systems, even—forbid the thought—nuclear plants. Investigating agencies, including those in India, fight back by learning about these new technologies. Quite often, from hackers themselves. As for the Indo-Pak cyber war, it may safely be assumed there will be many more skirmishes.